3 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-3337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing...
CVE-2026-3338
Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69...
CVE-2026-3336 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC
Improper certificate validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer. Customers of AWS services do not need to take action. Applications using AWS-LC should...